NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0432 Large Apple Mac Security Update:
Apple released a relatively large security update on 18MAR08 that patched at least 80
vulnerabilities in its Tiger and Leopard operating systems, many of which were critical.
The updates reportedly addressed bugs in both desktop and server components, several of
which allow attackers to remotely execute malicious code on a victim's machine. Vulnerable
components include the Mac implementation of OpenSSH, Apache, CUPS, Kerberos, and ClamAV.
The Help Viewer and core networking features also were patched.
The patches amounted to over 105 MB, which does not include a separate 25 MB file that
installs version 3.1 of Apple's Safari Browser.
(www.theregister.co.uk 19MAR08)